Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Circuits and methods for modular exponentiation

Inactive Publication Date: 2005-08-25
IBM CORP
View PDF24 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Benefits of technology

[0011] There are two items to note in particular about this method for carrying out modulo N multiplication. The first thing to note is that the multiplication is based upon a partitioning of one of the factors into sub-blocks with k bits in each block. This greatly simplifies the size of multiplier arrays which need to be constructed. It furthermore creates a significant degree of parallelism which permits the multiplication operation be carried out in a much shorter period of time. The second item to note is that the partitioning also results in the splitting of the process not only into a plurality of m cycles, but also, splits the method into two phases that occur in each cycle. In the first phase (X-phase), the values Xi and yi are computed. In the second phase (Z-phase), the intermediate result value Zi+1 is calculated. It should be noted that, in the calculation of Xi and in the calculation of Zi+1, there is an addition operation and a multiplication operation. This fact allows the same hardware which performs the multiplication and addition in each of these steps to be shared rather than duplicated. With respect to the division by R in the formation of Zi+1, it is noted that this is accomplishable by simply discarding the low order k bits. Other advantages of this structure will also become apparent.
[0051] It is also an object of the present invention to produce a high-speed, high-performance cryptographic engine.

Problems solved by technology

However, even though there is a desire for inclusion of a large number of bits in each factor, the speed of calculation becomes significantly slower as the number of digits or bits increase.
However, for real-time cryptographic purposes, speed of encryption and decryption are important concerns.
519-521, Peter L. Montgomery describes an algorithm for “Modular Multiplication without Trial Division.” However, this article describes operations that are impractical to implement in hardware for a large value of N. Furthermore, the method described by Montgomery operates only in a single phase.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Circuits and methods for modular exponentiation
  • Circuits and methods for modular exponentiation
  • Circuits and methods for modular exponentiation

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0083] The structure and operation of the present invention is dependent upon the partitioning of one of the multiplying factors into a plurality of k bit-wide pieces. Thus, instead of representing a binary number A as ∑i=0n-1⁢ai⁢2i,

one of the multiplying factors in the present invention is represented instead in the form Am-1⁢Rm-1+…+A2⁢R2+A1⁢R+A0=∑j=0m-1⁢Aj⁢Ri⁢ ,

where R=2k. In this representation, the number A is represented in block form where each of the m blocks includes k bits. That is, each Ai represents an integer having k bits.

[0084] In the present system, multiplication modulo an odd number N is a significant object. Also, for purposes of understanding the present invention, the symbol n is used to denote the number of bits in the binary representation for N. Also, for present purposes, it is assumed that the number A, as stored in Register A (reference numeral 10 in FIG. 1), is the number that is partitioned into m blocks. In general, the number of blocks m is selecte...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The modular exponentiation function used in public key encryption and decryption systems is implemented in a standalone engine having at its core modular multiplication circuits which operate in two phases which share overlapping hardware structures. The partitioning of large arrays in the hardware structure, for multiplication and addition, into smaller structures results in a multiplier design comprising a series of nearly identical processing elements linked together in a chained fashion. As a result of the two-phase operation and the chaining together of partitioned processing elements, the overall structure is operable in a pipelined fashion to improve throughput and speed. The chained processing elements are constructed so as to provide a partitionable chain with separate parts for processing factors of the modulus. In this mode, the system is particularly useful for exploiting characteristics of the Chinese Remainder Theorem to perform rapid exponentiation operations. A checksum mechanism is also provided to insure accurate operation without impacting speed and without significantly increasing complexity. While the present disclosure is directed to a complex system which includes a number of features, the present application is particularly directed to circuits and methods for carrying out modular exponentiation.

Description

BACKGROUND OF THE INVENTION [0001] The present application is directed to a method and apparatus for performing encryption and decryption. The application discloses several inventions relating to an overall system for the use of exponentiation modulo N as a mechanism for carrying out the desired cryptological goals and functions in a rapid, efficient, accurate and reliable manner. A first part of the disclosure is related to the construction of a method and its associated apparatus for carrying out modular multiplication. A second part of the disclosure is directed to an improved apparatus for carrying out modular multiplication through the partitioning of the problem into more manageable pieces and thus results in the construction of individual identical (if so desired) Processing Elements. A third part of the disclosure is directed to the utilization of the resulting series of Processing Elements in a pipelined fashion for increased speed and throughput. A fourth part of the discl...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F7/72H04K1/00H04L9/00
CPCG06F7/723
Inventor CHEN, CHIN-LONGCHENCINSKI, EDWARD W.CONDORELLI, VINCENZOFOGELL, LEONARD L.PATEL, SAMIR K.
Owner IBM CORP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products